Newsinterpretation

Over 115 million U.S. cards exposed in large-scale phishing and wallet fraud scheme

A large-scale cyberattack has put millions of people in the United States at risk. Cybersecurity experts have found a network of hackers who may have stolen data from up to 115 million payment cards.

Hackers use fake messages and smart tools to steal payment data

These hackers are using smart and hard-to-detect tricks to steal personal and financial information. Most shockingly, they’re not just stealing credit or debit card details — they are taking advantage of new-age digital wallets like Apple Pay and Google Wallet.

These hackers are using a trick called “smishing”, where they send fake text messages that look like they’re from trusted services like mail delivery companies or toll payment centers. These messages contain dangerous links that take people to fake websites. Once a person enters their details, the hackers collect everything — names, card numbers, one-time passwords (OTPs), and even login credentials.

What makes this attack different is how these criminals use the stolen data. Instead of just trying to use the card numbers online, they go a step further. They add the stolen cards to digital wallets on their own devices. These wallets allow them to make purchases without even needing the actual card. Because the payments go through trusted systems, they don’t raise red flags.

These cybercriminals are using tools that are much more advanced than in the past. Their phishing kits can block certain IP addresses, avoid detection by cybersecurity tools, and target only mobile users. They’ve even added maps and mobile-friendly designs to their fake websites, making them look real.

Fake shopping websites and real-time tracking make it harder to stop

The hackers have created an entire business around these scams. They have built fake online shops that look like real ones. These fake shops are designed using platforms like WordPress and WooCommerce. People who visit these sites believe they are making real purchases. But instead, they are handing over their card information to criminals.

Some of these fake stores also pretend to accept payments through services like PayPal, which helps the attackers take over PayPal accounts too. The stolen data is often collected using advanced tools that track what people type in real time.

🌐 Teen Hacker’s $37M Crypto Crime Spree Exposed: Inside the SIM Swap That Shook the Blockchain

By the middle of 2024, one major cybercrime platform had expanded its tools to work in more than 80 countries and mimic hundreds of real-world brands. It even allowed multiple criminals to work together by giving them different roles and access levels. This platform made it easy for others to carry out scams by just paying for the service — something known as “phishing-as-a-service”.

Old phones and global scams help hackers cash out silently

Once hackers add the stolen cards to their own devices, they wait for a few days before making transactions. This 2-10 day delay helps avoid detection. After that, they start spending fast, often using the cards at physical stores with contactless payments or selling phones that already have loaded cards.

They tend to use older model phones, especially iPhones, because they have weaker security systems. On each phone, hackers can add multiple stolen cards, especially from victims in the U.S. and the U.K. These phones are sometimes shipped overseas, where other scammers use them to spend the money.

The hackers also set up fake merchant accounts on platforms like Stripe or Flutterwave. These accounts allow them to process payments from the stolen cards and withdraw the money as if it came from real business transactions.

To stay ahead of being caught, hackers constantly change the brands they imitate and switch their websites. Some even use tools similar to what software developers use — like Git version control — to keep their scam websites fresh and harder to track.

Between July 2023 and October 2024, over 32,000 fake websites themed around the U.S. postal service were found. Each site may have stolen between 387 to 3,485 payment cards. When added up, the number of affected people may be as high as 115 million.

Renuka Bangale
Renuka is a distinguished Chartered Accountant and a Certified Digital Threats Analyst from Riskpro, renowned for her expertise in cybersecurity. With a deep understanding of cybercrimes, malware, cyber warfare, and espionage, she has established herself as an authority in the field. Renuka combines her financial acumen with advanced knowledge of digital threats to provide unparalleled insights into the evolving landscape of information security. Her analytical prowess enables her to dissect complex cyber incidents, offering clarity on risks and mitigation strategies. As a key contributor to Newsinterpretation’s information security category, Renuka delivers authoritative articles that educate and inform readers about emerging threats and best practices.

TOP 10 TRENDING ON NEWSINTERPRETATION

Duchess of York called Epstein a “supreme friend” in letters under media review

The Duchess of York, Sarah Ferguson, is facing renewed...

Chaos Hits Brussels Airport as Nearly 140 Flights Cancelled Amid Europe Cyberattack

Major Disruptions Hit European Airports Brussels Airport is facing massive...

Massive cyber heist paralyzes Las Vegas casinos as MGM loses $100 million in shocking hack

A shocking cyberattack hit multiple Las Vegas casino properties...

Bannon ignites firestorm after claiming one-third of U.S. teachers are “terrorists” shaping kids

Steve Bannon, the former adviser to Donald Trump, stunned...

“Who’s the illegal now?” — AOC’s explosive post targets Tom Homan amid $50000 bribe claims

A political firestorm has erupted after shocking reports linked...

Russian hackers hit 20 South Korean equity funds, dump tax files and investor data online

A major data breach has struck South Korea’s financial...

British teen faces U.S. charges for $115 million cybercrime spree targeting companies and courts

A shocking case has unfolded as authorities accuse a...

Outrage Grows as Gavin Newsom Demands Fox News Suspend Greg Gutfeld Over False Claims

Newsom Issues a Final Warning to Fox News California Governor...

Alexandria Ocasio Cortez moves to expand reach with 2028 Senate or presidential run in focus

Rep. Alexandria Ocasio-Cortez, often referred to as AOC, is...

Disney+ users share hacks to escape as crashing cancellation pages fuel boycott rage

Disney is facing a sudden storm after suspending Jimmy...
error: Content is protected !!
Exit mobile version